Member Panel

morguerat

I've been having trouble with malware, something got into my system through Kazaa lite and disabled the Windows Security Center's ability to look at my anti-virus and anti-spyware software, Windows Defender (not surprisingly) finds nothing, nor is Ad-aware seeing a problem, but everytime I run AVG Anti-Virus it picks up changes in shell32.dll and ntoskrnl.exe, but no virus', and at odd times about 1 second of a song file will play without my participation (Cheryl Crow "My Favorite Mistake").

I picked up HiJackThis from Download.com where it was highly rated, and ran it, but looking over the log I have a fair idea of most of the files it brought up, but some I have no idea about. The program recommended this site, so here I am.

I know my way around Windows Server 2003 and back through Win 3.1 very well, but am still familiarizing myself with Windows Vista (Home Premium). I know my way around the Registry, and a command prompt. I will happily PM or post the HiJackThis log if someone thinks it will be of use.

valis

hello morguerat, and welcome to the forums.....

You may want to print these out. please close all other applications, start hjt again, click 'perform system scan only', place a tick next to the following and click 'fix checked'

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Next,

Download ComboFix from Here or Here to your Desktop.

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

thanks,

v

morguerat

Done and here's the logs.

Thanks for all the help guys.

valis

let's start with that lsp. As for the cheryl crow thing, are you sure you don't have that set for a default sound, and also, is it the same snippet of song, or is it different each time?

Please download LSPFix from here. Disconnect from the internet and run the LSPFix.exe that you have just downloaded. Check the I know what I'm doing box. In the Keep box you should see one or more instances of XXXXX.dll. Select every instance of XXXXX.dll and move each one to the Remove box by clicking the >> button. When you are done click Finish>> and post a new log.

thanks,

v

morguerat

Originally Posted by valis

let's start with that lsp. As for the cheryl crow thing, are you sure you don't have that set for a default sound, and also, is it the same snippet of song, or is it different each time?

Please download LSPFix from here. Disconnect from the internet and run the LSPFix.exe that you have just downloaded. Check the I know what I'm doing box. In the Keep box you should see one or more instances of XXXXX.dll. Select every instance of XXXXX.dll and move each one to the Remove box by clicking the >> button. When you are done click Finish>> and post a new log.

thanks,

v

I ran the fix, it found no instances of that .dll file.

The Cheryl Crow song that plays is always the same section, the lyrics "Did you know" I've checked consistently to make sure it's not an webpage or a system sound. I don't even have the song as an mp3 (I've got the CD in my CD case, but it's never been played on this computer)

morguerat

Here's what the lsp fix window shows.

valis

gawd, I'm losing my mind.

When running the lsp fix, replace the XXXXXXX.dll that Captain America here requested you fix with wpclsp.dll.

Sorry about that, few too many things going on and apparently not enough sleep. Totally my bad.

Then post a new hjt log, and we'll figure out that Sheryl Crow thing later. I'm pretty sure (but not convinced) that it's been assigned a system noise, but we'll dig it out.

thanks,

v

Member Panel

Sponsors and Ads

Noticeboard